pf tests: extend the source limiter test

Also enumerate and kill individual source addresses.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
This commit is contained in:
Kristof Provost
2026-01-08 18:37:27 +01:00
parent 086a3cb4b8
commit e3319f9190
+14
View File
@@ -180,6 +180,20 @@ source_basic_body()
# However, a different source will succeed
atf_check -s exit:0 -o ignore \
ping -S 192.0.2.3 -c 2 192.0.2.1
atf_check -o match:"192.0.2.2/32 .*hardlim 2 ratelim 0" \
-e ignore \
jexec alcatraz pfctl -sLimiterSrcs -v
atf_check -o match:"192.0.2.3/32 .*hardlim 0 ratelim 0" \
-e ignore \
jexec alcatraz pfctl -sLimiterSrcs -v
# Kill the source entry
atf_check -s exit:0 -e ignore \
jexec alcatraz pfctl -I 1 -k source -k 192.0.2.2
# Now we can ping again from it
atf_check -s exit:0 -o ignore \
ping -S 192.0.2.2 -c 2 192.0.2.1
}
source_basic_cleanup()